Heartbleed Vulnerability

On April 7th, the “Heartbleed” vulnerability was disclosed and a corresponding patch was released. Onehub, with many others, was potentially vulnerable to the exploit; though we have no reason to believe any data was compromised. Within 24-hours all affected services were patched, and all of our SSL certificates were revoked as a precautionary measure. Onehub Enterprise is not vulnerable.

In early 2013 we began to offer Perfect Forward Secrecy to users running modern browsers which further mitigates any risk by preventing retroactive decryption of private traffic. We will continue to closely monitor the security and privacy of our customer’s data and will react swiftly against new threats that may emerge. Please contact us at support@onehub.com if you have any additional questions or concerns.